From c494e6bf7ed5123d9188e180f81b1008b2734118 Mon Sep 17 00:00:00 2001 From: Somtochi Onyekwere Date: Wed, 21 Apr 2021 22:12:42 +0100 Subject: [PATCH] Inject password in create secret git if specified Signed-off-by: Somtochi Onyekwere --- cmd/flux/create_secret_git.go | 8 ++++++++ cmd/flux/create_source_git.go | 9 +++++++++ docs/cmd/flux_create_secret_git.md | 7 +++++++ docs/cmd/flux_create_source_git.md | 9 +++++++++ 4 files changed, 33 insertions(+) diff --git a/cmd/flux/create_secret_git.go b/cmd/flux/create_secret_git.go index e7410ea8..446703a0 100644 --- a/cmd/flux/create_secret_git.go +++ b/cmd/flux/create_secret_git.go @@ -50,6 +50,13 @@ For Git over HTTP/S, the provided basic authentication credentials are stored in --url=ssh://git@github.com/stefanprodan/podinfo \ --private-key-file=./private.key + # Create a Git SSH authentication secret with a passworded private key from file + # The public SSH host key will still be gathered from the host + flux create secret git podinfo-auth \ + --url=ssh://git@github.com/stefanprodan/podinfo \ + --private-key-file=./private.key \ + --password= + # Create a secret for a Git repository using basic authentication flux create secret git podinfo-auth \ --url=https://github.com/stefanprodan/podinfo \ @@ -140,6 +147,7 @@ func createSecretGitCmdRun(cmd *cobra.Command, args []string) error { opts.PrivateKeyAlgorithm = sourcesecret.PrivateKeyAlgorithm(secretGitArgs.keyAlgorithm) opts.RSAKeyBits = int(secretGitArgs.rsaBits) opts.ECDSACurve = secretGitArgs.ecdsaCurve.Curve + opts.Password = secretGitArgs.password case "http", "https": if secretGitArgs.username == "" || secretGitArgs.password == "" { return fmt.Errorf("for Git over HTTP/S the username and password are required") diff --git a/cmd/flux/create_source_git.go b/cmd/flux/create_source_git.go index b3090737..793136ac 100644 --- a/cmd/flux/create_source_git.go +++ b/cmd/flux/create_source_git.go @@ -101,6 +101,15 @@ For private Git repositories, the basic authentication credentials are stored in --branch=master \ --private-key-file=./private.key + # Create a source for a Git repository using SSH authentication and a + # private key with a password from file + # The public SSH host key will still be gathered from the host + flux create source git podinfo \ + --url=ssh://git@github.com/stefanprodan/podinfo \ + --branch=master \ + --private-key-file=./private.key \ + --password= + # Create a source for a Git repository using basic authentication flux create source git podinfo \ --url=https://github.com/stefanprodan/podinfo \ diff --git a/docs/cmd/flux_create_secret_git.md b/docs/cmd/flux_create_secret_git.md index 042b39c2..2c47a213 100644 --- a/docs/cmd/flux_create_secret_git.md +++ b/docs/cmd/flux_create_secret_git.md @@ -31,6 +31,13 @@ flux create secret git [name] [flags] --url=ssh://git@github.com/stefanprodan/podinfo \ --private-key-file=./private.key + # Create a Git SSH authentication secret with a passworded private key from file + # The public SSH host key will still be gathered from the host + flux create secret git podinfo-auth \ + --url=ssh://git@github.com/stefanprodan/podinfo \ + --private-key-file=./private.key \ + --password= + # Create a secret for a Git repository using basic authentication flux create secret git podinfo-auth \ --url=https://github.com/stefanprodan/podinfo \ diff --git a/docs/cmd/flux_create_source_git.md b/docs/cmd/flux_create_source_git.md index 6d6daf23..70bbfca7 100644 --- a/docs/cmd/flux_create_source_git.md +++ b/docs/cmd/flux_create_source_git.md @@ -54,6 +54,15 @@ flux create source git [name] [flags] --branch=master \ --private-key-file=./private.key + # Create a source for a Git repository using SSH authentication and a + # private key with a password from file + # The public SSH host key will still be gathered from the host + flux create source git podinfo \ + --url=ssh://git@github.com/stefanprodan/podinfo \ + --branch=master \ + --private-key-file=./private.key \ + --password= + # Create a source for a Git repository using basic authentication flux create source git podinfo \ --url=https://github.com/stefanprodan/podinfo \